LUNAR – Lockdown UNix Auditing and Reporting

  • 105
  •  
  •  
  •  
  •  
  •  
  •  
  •  
    105
    Shares

A UNIX security auditing tool based on several security frameworks. This scripts generates a scored audit report of a Unix host’s security. It is based on the CIS and other frameworks. Where possible there are references to the CIS and other benchmarks in the code documentation.

It can  perform a lockdown. Unlike some other scripts it has the capability to backout changes. Files are backed up using cpio to a directory based on the date. Although it can perform a lockdown, as previously stated, we would recommend you address the warnings via policy, documentation and configuration management.

Supported Operating System

 

  • Linux
    • RHEL 5,6,7
    • Centos 5,6,7
    • Scientific Linux
    • SLES 10,11,12
    • Debian
    • Ubuntu
    • Amazon Linux
  • Solaris (6,7,8,9,10 and 11)
  • Mac OS X
  • FreeBSD (needs more testing)
  • AIX (needs more testing)
  • ESXi (initial support – some tests)

 

How to run

Enter the following command to run lunar.
Usage: ./lunar.sh -[a|A|s|S|d|p|c|l|h|c|V] -[u]
-a: Run in audit mode (no changes made to system)
-A: Run in audit mode (no changes made to system)
[includes filesystem checks which take some time]
-s: Run in selective mode (only run tests you want to)
-d: Print information for a specific test
-S: List functions available to selective mode
-l: Run in lockdown mode (changes made to system)
-L: Run in lockdown mode (changes made to system)
[includes filesystem checks which take some time]
-c: Show changes previously made to system
-p: Show previously versions of file
-u: Undo lockdown (changes made to system)
-h: Display usage
-V: Display version
-v: Verbose mode [used with -a and -A]
[Provides more information about the audit taking place]

 Download now – LUNAR

The following two tabs change content below.

William Fieldhouse

I currently work full time as a penetration tester and have been involved within the IT security industry for over a decade. I also love to pioneer any forms of new technology and ideologies for future advancements. Feel free to contact me at [email protected]

William Fieldhouse

I currently work full time as a penetration tester and have been involved within the IT security industry for over a decade. I also love to pioneer any forms of new technology and ideologies for future advancements. Feel free to contact me at [email protected]

Leave a Reply